Hey guys,
I've been pushing myself into learning and understanding buffer overflows and now I'm desperately looking for vulnerabilities in a given executable (see file below).
This program listens on a given port when running (./vuln 8888 for port 8888), writes into a log file ("/tmp/vuln.log") and waits for user input. If there is a user input, it prints it onto the shell, writes into the log file something like "%buffer = 0xbffff1d0" and replies with "OK".
After some investigation, I'm sure it is vulnerable to buffer overflows and uses a char * buffer[2000].
In all tutorials, it is usually enough to use a larger input than allowed to crash the program. But I just can't get it to crash.
I hope the solution is not too obvious...
Some help would be much appreciated!
Cheers
wallabong
Linux executable:
*Executable link removed. We don't normally allow this for security reasons. PM a Mod to discuss*